Resources

Partners

Data Loss Prevention

Prevent the Misuse of your Most Sensitive Data by Insiders

28% of cyber attacks are perpetrated by bad actors inside the organization. In addition, many insider breaches occur simply by insiders unintentionally misusing data. These threats are particularly difficult as there is no way for an ERP system to decipher if users are leveraging their privilege to access sensitive information for legitimate or malicious purposes.

Rather than restricting access, which could be detrimental to users carrying out tasks, administrators are turning to strategies that dynamically redact and restrict access to the information available for view – Appsian takes this strategy to the next level.

Key Challenges

Multi-Factor Authorization only at login

Accessible Volume of PII

Compromised Reports

Limited Data Masking

Limited Auditing

PeopleSoft does not directly support multi-factor authorization (MFA.) MFA is only possible by leveraging a 3rd party vendor, and even with a vendor, MFA functionality is only possible at the application login screen.

Personally Identifiable Information (PII) is displayed on hundreds of pages in PeopleSoft, thus increasing the scope of a data loss incident.

Running reports and queries in ERP systems is designed to be simple and seamless, thus making the ability to quickly compromise a large volume of data easier.

Expanding current data masking functionality in ERP systems requires additional scripts and customizations applied by role to each page with sensitive data.

Internal auditors cannot determine PII access – who, when, and where. The best alternative is manual triangulation of reports that could take months to reveal actionable insights.

Key Features

Multi-Factor Authorization

Appsian partners with multiple MFA providers to embed MFA functionality within the PeopleSoft system at the field/page/component level. Appsian’s MFA solution leverages a robust rules engine that contextually determines when an additional authentication challenge is required

Data Masking / Redaction

Apply full or partial data masking at the page/component/field level and execute controls based on a rules engine

Click to View

Apply an additional logging step that identifies the user requesting access to a specific data field, thus making audits more effective and efficient

Appsian Security Solutions are Trusted By

We did several assessments when PeopleSoft was selected and we decided to implement. We started looking at the product and what we had today in terms of security and we realized there were some gaps.– Matthew Scott, IT Director Penn State University

We did several assessments when PeopleSoft was selected and we decided to implement. We started looking at the product and what we had today in terms of security and we realized there were some gaps. – Matthew Scott, IT Director Penn State University